Spaces:

AdithyaSK
/

opencode-env

Running

App Files Files Community

opencode-env / sandbox /interception.py

AdithyaSK HF Staff

Upload folder using huggingface_hub

70f2179 verified 7 days ago

raw

history blame contribute delete

22.1 kB

	# Copyright (c) Meta Platforms, Inc. and affiliates.
	# All rights reserved.
	#
	# This source code is licensed under the BSD-style license found in the
	# LICENSE file in the root directory of this source tree.

	"""Transparent OpenAI-compatible forwarding proxy with logprob capture.

	The proxy is a small FastAPI app that OpenCode talks to instead of the upstream
	LLM endpoint. It:

	1. Forwards every ``POST /v1/chat/completions`` request to the real upstream
	URL, injecting ``logprobs=true`` and ``top_logprobs=N`` so the upstream
	returns per-token logprobs.
	2. Captures each ``(request, response, logprobs)`` triple to a JSON-lines
	trace file.
	3. Returns the upstream response to OpenCode verbatim (minus the ``logprobs``
	field, which we strip so the CLI never sees anything unexpected).

	The proxy is stateless beyond the trace file. One proxy instance runs per
	session, normally inside the sandbox on ``localhost:7000``.

	Run standalone::

	python -m opencode_env.interception \\
	--upstream-url https://vllm.example/v1 \\
	--upstream-api-key intercepted \\
	--trace /tmp/trace.jsonl \\
	--port 7000
	"""

	from __future__ import annotations

	import argparse
	import asyncio
	import copy
	import json
	import os
	import socket
	import threading
	import time
	from contextlib import closing
	from dataclasses import dataclass, field
	from pathlib import Path
	from typing import Any

	import httpx
	import uvicorn
	from fastapi import FastAPI, Request, Response
	from fastapi.responses import JSONResponse, StreamingResponse


	CHAT_COMPLETIONS_PATH = "/v1/chat/completions"


	@dataclass
	class ProxyConfig:
	"""Runtime configuration for one :class:`InterceptionProxy`."""

	upstream_url: str
	upstream_api_key: str = "intercepted"
	trace_path: str = "/tmp/opencode-proxy-trace.jsonl"
	host: str = "127.0.0.1"
	port: int = 7000
	top_logprobs: int = 5
	request_timeout_s: float = 600.0
	# Cap ``max_tokens`` before forwarding. OpenCode historically asks for very
	# large values (e.g. 32000) that exceed gpt-4o-mini's 16384 cap; capping
	# here avoids spurious upstream 400s without requiring the caller to know
	# per-model limits.
	max_tokens_cap: int \| None = 16384
	# Disable Qwen-style reasoning/thinking by injecting
	# ``chat_template_kwargs.enable_thinking=false`` into forwarded requests.
	disable_thinking: bool = False
	# Override the ``model`` field on every forwarded request. Some opencode
	# builds emit a stripped model id (e.g. ``Qwen3.5-4B`` instead of the
	# ``Qwen/Qwen3.5-4B`` the upstream serves) for their internal
	# title-generation call. Setting this to the exact upstream model id
	# bypasses that mismatch.
	model_override: str \| None = None


	@dataclass
	class TurnRecord:
	"""One intercepted turn, written to the trace file as JSON-lines."""

	turn: int
	request: dict[str, Any]
	response: dict[str, Any]
	logprobs: list[dict[str, Any]] \| None
	completion_tokens: list[str]
	completion_token_ids: list[int]
	per_token_logps: list[float]
	finish_reason: str \| None
	latency_s: float
	timestamp: float = field(default_factory=time.time)

	def to_json(self) -> str:
	return json.dumps(self.__dict__, default=str)


	def _build_app(cfg: ProxyConfig) -> FastAPI:
	"""Construct the FastAPI app that serves one proxy session."""

	app = FastAPI(title="opencode-interception-proxy")
	state: dict[str, Any] = {"turn": 0, "lock": asyncio.Lock()}

	# HTTP client reused across requests. ``None`` auth header — we let each
	# request carry its own ``Authorization`` populated from ``upstream_api_key``.
	client = httpx.AsyncClient(timeout=cfg.request_timeout_s)
	trace_file = open(cfg.trace_path, "a", buffering=1)

	@app.get("/healthz")
	def healthz() -> dict[str, str]:
	return {"status": "ok"}

	@app.post(CHAT_COMPLETIONS_PATH)
	async def chat_completions(request: Request) -> Response:
	raw_body = await request.body()
	try:
	body = json.loads(raw_body)
	except json.JSONDecodeError:
	return JSONResponse(
	status_code=400, content={"error": "invalid json body"}
	)

	forwarded_body = _prepare_forwarded_body(body, cfg)
	headers = {
	"Content-Type": "application/json",
	"Authorization": f"Bearer {cfg.upstream_api_key}",
	}
	upstream_url = _resolve_upstream_url(cfg.upstream_url)

	async with state["lock"]:
	state["turn"] += 1
	turn_idx = state["turn"]

	if forwarded_body.get("stream"):
	return await _proxy_streaming(
	client=client,
	upstream_url=upstream_url,
	headers=headers,
	forwarded_body=forwarded_body,
	original_body=body,
	trace_file=trace_file,
	turn_idx=turn_idx,
	)
	return await _proxy_unary(
	client=client,
	upstream_url=upstream_url,
	headers=headers,
	forwarded_body=forwarded_body,
	original_body=body,
	trace_file=trace_file,
	turn_idx=turn_idx,
	)

	@app.on_event("shutdown")
	async def _shutdown() -> None:
	await client.aclose()
	trace_file.close()

	return app


	def _prepare_forwarded_body(body: dict[str, Any], cfg: ProxyConfig) -> dict[str, Any]:
	"""Return the body we actually send upstream.

	- Injects ``logprobs=true`` + ``top_logprobs`` so the upstream emits
	per-token logprobs.
	- Caps ``max_tokens`` / ``max_completion_tokens`` to ``max_tokens_cap``.
	- For models that reject ``max_tokens`` (e.g. gpt-5.x), translates to
	``max_completion_tokens``.
	"""
	forwarded = copy.deepcopy(body)
	forwarded.setdefault("logprobs", True)
	forwarded.setdefault("top_logprobs", cfg.top_logprobs)

	# GPT-5.x and newer: ``max_tokens`` is rejected; must use
	# ``max_completion_tokens``. Detect via model string so we don't break
	# gpt-4.x or vLLM-hosted models that accept ``max_tokens``.
	model = str(forwarded.get("model", ""))
	needs_translation = _model_uses_max_completion_tokens(model)
	if needs_translation and "max_tokens" in forwarded:
	value = forwarded.pop("max_tokens")
	forwarded.setdefault("max_completion_tokens", value)

	if cfg.max_tokens_cap is not None:
	for key in ("max_tokens", "max_completion_tokens"):
	value = forwarded.get(key)
	if isinstance(value, int) and value > cfg.max_tokens_cap:
	forwarded[key] = cfg.max_tokens_cap

	if cfg.disable_thinking:
	# vLLM applies chat_template_kwargs to the tokenizer's chat template
	# for Qwen3/Qwen3.5 models, turning off <think>...</think> generation.
	extra = forwarded.setdefault("chat_template_kwargs", {})
	extra.setdefault("enable_thinking", False)

	if cfg.model_override:
	forwarded["model"] = cfg.model_override

	return forwarded


	def _model_uses_max_completion_tokens(model: str) -> bool:
	"""Heuristic: ``True`` for models that reject ``max_tokens``."""
	# Strip a provider prefix opencode may have prepended (e.g. "intercepted/").
	bare = model.split("/", 1)[-1].lower()
	return bare.startswith(("gpt-5", "o1", "o3", "o4"))


	def _resolve_upstream_url(upstream: str) -> str:
	"""Build the fully qualified chat-completions URL from a base URL."""
	base = upstream.rstrip("/")
	if base.endswith("/v1"):
	return f"{base}/chat/completions"
	return f"{base}{CHAT_COMPLETIONS_PATH}"


	async def _proxy_unary(
	*,
	client: httpx.AsyncClient,
	upstream_url: str,
	headers: dict[str, str],
	forwarded_body: dict[str, Any],
	original_body: dict[str, Any],
	trace_file: Any,
	turn_idx: int,
	) -> Response:
	start = time.time()
	upstream_response = await client.post(
	upstream_url, content=json.dumps(forwarded_body), headers=headers
	)
	latency = time.time() - start
	try:
	response_json = upstream_response.json()
	except Exception:
	return Response(
	content=upstream_response.content,
	status_code=upstream_response.status_code,
	media_type=upstream_response.headers.get(
	"content-type", "application/json"
	),
	)

	record = _build_turn_record(
	turn_idx=turn_idx,
	request_body=forwarded_body,
	response_json=response_json,
	latency_s=latency,
	)
	trace_file.write(record.to_json() + "\n")
	sanitized = _strip_logprobs(response_json)
	return JSONResponse(content=sanitized, status_code=upstream_response.status_code)


	async def _proxy_streaming(
	*,
	client: httpx.AsyncClient,
	upstream_url: str,
	headers: dict[str, str],
	forwarded_body: dict[str, Any],
	original_body: dict[str, Any],
	trace_file: Any,
	turn_idx: int,
	) -> Response:
	"""Forward an SSE stream while accumulating the full response.

	Opens the upstream stream and inspects the status. On non-2xx, reads the
	full body (an error JSON, not SSE) and returns it to the caller as a
	regular JSON response — previously we silently emitted an empty
	``text/event-stream`` which opencode interpreted as an empty assistant
	turn. Both the error body and the latency are written to the trace file
	so debugging a broken rollout doesn't require another round-trip.
	"""

	start = time.time()

	# Open the stream outside the generator so we can branch on status before
	# committing to a streaming response shape.
	upstream_cm = client.stream(
	"POST",
	upstream_url,
	content=json.dumps(forwarded_body),
	headers=headers,
	)
	upstream = await upstream_cm.__aenter__()

	if upstream.status_code >= 400:
	# Upstream responded with an error body (not SSE). Read it fully and
	# return as a non-streaming JSON payload.
	error_bytes = await upstream.aread()
	await upstream_cm.__aexit__(None, None, None)
	latency = time.time() - start
	try:
	error_json = json.loads(error_bytes.decode() or "{}")
	except Exception:
	error_json = {"error": error_bytes.decode(errors="replace")[:4000]}
	record = _build_turn_record(
	turn_idx=turn_idx,
	request_body=forwarded_body,
	response_json={
	"choices": [],
	"usage": None,
	"upstream_status": upstream.status_code,
	"upstream_error": error_json,
	},
	latency_s=latency,
	)
	trace_file.write(record.to_json() + "\n")
	print(
	f"[proxy] turn {turn_idx}: upstream {upstream.status_code}: "
	f"{str(error_json)[:400]}",
	flush=True,
	)
	return JSONResponse(content=error_json, status_code=upstream.status_code)

	async def _stream() -> Any:
	accumulated: dict[str, Any] = {
	"content_by_idx": {},
	"tool_calls_by_idx": {},
	"finish_by_idx": {},
	"logprobs_by_idx": {},
	}
	last_chunk: dict[str, Any] = {}
	try:
	async for line in upstream.aiter_lines():
	if not line:
	yield "\n"
	continue
	yield line + "\n"
	if not line.startswith("data:"):
	continue
	data = line[len("data:"):].strip()
	if data == "[DONE]":
	continue
	try:
	chunk = json.loads(data)
	except json.JSONDecodeError:
	continue
	last_chunk = chunk
	_accumulate_stream_chunk(chunk, accumulated)
	finally:
	await upstream_cm.__aexit__(None, None, None)

	latency = time.time() - start
	response_json = _assemble_streamed_response(last_chunk, accumulated)
	record = _build_turn_record(
	turn_idx=turn_idx,
	request_body=forwarded_body,
	response_json=response_json,
	latency_s=latency,
	)
	trace_file.write(record.to_json() + "\n")

	return StreamingResponse(_stream(), media_type="text/event-stream")


	def _accumulate_stream_chunk(chunk: dict[str, Any], acc: dict[str, Any]) -> None:
	for choice in chunk.get("choices", []) or []:
	idx = choice.get("index", 0)
	delta = choice.get("delta") or {}
	content = delta.get("content")
	if content:
	acc["content_by_idx"].setdefault(idx, []).append(content)
	# HF-Router's Qwen thinking mode streams the chain-of-thought under a
	# separate ``reasoning`` field (per Together/Scaleway). Accumulate it
	# so the assembled response surfaces it — otherwise it's dropped and
	# proxy_turn observability is lost for thinking-mode rollouts.
	reasoning = delta.get("reasoning")
	if reasoning:
	acc.setdefault("reasoning_by_idx", {}).setdefault(idx, []).append(reasoning)
	for tc in delta.get("tool_calls") or []:
	tc_idx = tc.get("index", 0)
	bucket = acc["tool_calls_by_idx"].setdefault(
	(idx, tc_idx),
	{"id": None, "type": "function", "function": {"name": "", "arguments": ""}},
	)
	if tc.get("id"):
	bucket["id"] = tc["id"]
	fn = tc.get("function") or {}
	if fn.get("name"):
	bucket["function"]["name"] += fn["name"]
	if fn.get("arguments"):
	bucket["function"]["arguments"] += fn["arguments"]
	if choice.get("finish_reason"):
	acc["finish_by_idx"][idx] = choice["finish_reason"]
	lp = choice.get("logprobs") or {}
	content_lp = lp.get("content")
	if content_lp:
	acc["logprobs_by_idx"].setdefault(idx, []).extend(content_lp)


	def _assemble_streamed_response(
	last_chunk: dict[str, Any], acc: dict[str, Any]
	) -> dict[str, Any]:
	indices = sorted(
	set(acc["content_by_idx"])
	\| set(acc["finish_by_idx"])
	\| {k[0] for k in acc["tool_calls_by_idx"]}
	\| set(acc["logprobs_by_idx"])
	\| {0}
	)
	choices: list[dict[str, Any]] = []
	for idx in indices:
	tool_calls = [
	acc["tool_calls_by_idx"][k]
	for k in sorted(acc["tool_calls_by_idx"])
	if k[0] == idx
	]
	message: dict[str, Any] = {"role": "assistant"}
	content = "".join(acc["content_by_idx"].get(idx, []))
	if content:
	message["content"] = content
	reasoning = "".join((acc.get("reasoning_by_idx") or {}).get(idx, []))
	if reasoning:
	message["reasoning"] = reasoning
	if tool_calls:
	message["tool_calls"] = tool_calls
	choice: dict[str, Any] = {
	"index": idx,
	"message": message,
	"finish_reason": acc["finish_by_idx"].get(idx),
	}
	if acc["logprobs_by_idx"].get(idx):
	choice["logprobs"] = {"content": acc["logprobs_by_idx"][idx]}
	choices.append(choice)
	return {
	"id": last_chunk.get("id", ""),
	"object": "chat.completion",
	"model": last_chunk.get("model", ""),
	"choices": choices,
	"usage": last_chunk.get("usage"),
	}


	def _build_turn_record(
	*,
	turn_idx: int,
	request_body: dict[str, Any],
	response_json: dict[str, Any],
	latency_s: float,
	) -> TurnRecord:
	"""Extract per-token logprobs into a normalized :class:`TurnRecord`."""

	choice = (response_json.get("choices") or [{}])[0]
	logprobs_field = choice.get("logprobs") or {}
	content_lp = logprobs_field.get("content") or []

	tokens: list[str] = []
	token_ids: list[int] = []
	per_token_logps: list[float] = []
	for entry in content_lp:
	tokens.append(entry.get("token", ""))
	# OpenAI returns no raw token ids; vLLM returns them as ``token_id``.
	token_id = entry.get("token_id")
	if token_id is not None:
	token_ids.append(int(token_id))
	lp = entry.get("logprob")
	if lp is not None:
	per_token_logps.append(float(lp))

	return TurnRecord(
	turn=turn_idx,
	request=request_body,
	response=response_json,
	logprobs=content_lp,
	completion_tokens=tokens,
	completion_token_ids=token_ids,
	per_token_logps=per_token_logps,
	finish_reason=choice.get("finish_reason"),
	latency_s=latency_s,
	)


	def _strip_logprobs(response_json: dict[str, Any]) -> dict[str, Any]:
	"""Return a copy of the response with ``choices[*].logprobs`` removed."""

	out = dict(response_json)
	choices = out.get("choices")
	if isinstance(choices, list):
	out["choices"] = [
	{k: v for k, v in (ch or {}).items() if k != "logprobs"}
	for ch in choices
	]
	return out


	# ---------------------------------------------------------------------------
	# Standalone runner (used inside the sandbox)
	# ---------------------------------------------------------------------------


	def serve(cfg: ProxyConfig) -> None:
	"""Start the proxy and block (for use as the sandbox-side entry point)."""

	app = _build_app(cfg)
	uvicorn.run(app, host=cfg.host, port=cfg.port, log_level="warning")


	class InterceptionProxy:
	"""Thread-backed controller for running the proxy locally.

	Used by unit tests and by any in-process driver that wants a short-lived
	proxy on the local machine. Inside a sandbox we invoke :func:`serve`
	directly via ``python -m opencode_env.interception``.
	"""

	def __init__(self, cfg: ProxyConfig) -> None:
	self._cfg = cfg
	self._server: uvicorn.Server \| None = None
	self._thread: threading.Thread \| None = None
	self._ready = threading.Event()

	@property
	def url(self) -> str:
	return f"http://{self._cfg.host}:{self._cfg.port}/v1"

	@property
	def config(self) -> ProxyConfig:
	return self._cfg

	def start(self) -> None:
	app = _build_app(self._cfg)
	config = uvicorn.Config(
	app,
	host=self._cfg.host,
	port=self._cfg.port,
	log_level="warning",
	lifespan="on",
	)
	self._server = uvicorn.Server(config)
	self._thread = threading.Thread(
	target=self._run_server, daemon=True
	)
	self._thread.start()
	# Wait for the server to accept connections.
	deadline = time.time() + 10
	while time.time() < deadline:
	if _port_open(self._cfg.host, self._cfg.port):
	self._ready.set()
	return
	time.sleep(0.05)
	raise RuntimeError("InterceptionProxy failed to start within 10s")

	def _run_server(self) -> None:
	assert self._server is not None
	self._server.run()

	def stop(self) -> None:
	if self._server is None:
	return
	self._server.should_exit = True
	if self._thread is not None:
	self._thread.join(timeout=5)
	self._server = None
	self._thread = None

	def __enter__(self) -> "InterceptionProxy":
	self.start()
	return self

	def __exit__(self, *exc) -> None:
	self.stop()


	def _port_open(host: str, port: int) -> bool:
	with closing(socket.socket(socket.AF_INET, socket.SOCK_STREAM)) as s:
	s.settimeout(0.2)
	return s.connect_ex((host, port)) == 0


	# ---------------------------------------------------------------------------
	# Trace reader (used by the session to pull captured turns back)
	# ---------------------------------------------------------------------------


	def read_trace(path: str \| os.PathLike) -> list[dict[str, Any]]:
	"""Read a proxy trace file into a list of dicts."""

	trace: list[dict[str, Any]] = []
	p = Path(path)
	if not p.exists():
	return trace
	for line in p.read_text().splitlines():
	line = line.strip()
	if not line:
	continue
	trace.append(json.loads(line))
	return trace


	# ---------------------------------------------------------------------------
	# CLI entry point
	# ---------------------------------------------------------------------------


	def main() -> None:
	parser = argparse.ArgumentParser(prog="opencode_env.interception")
	parser.add_argument("--upstream-url", required=True)
	parser.add_argument("--upstream-api-key", default="intercepted")
	parser.add_argument("--trace", default="/tmp/opencode-proxy-trace.jsonl")
	parser.add_argument("--host", default="127.0.0.1")
	parser.add_argument("--port", type=int, default=7000)
	parser.add_argument("--top-logprobs", type=int, default=5)
	parser.add_argument("--request-timeout", type=float, default=600.0)
	parser.add_argument(
	"--max-tokens-cap",
	type=int,
	default=None,
	help="Clamp max_tokens/max_completion_tokens on forwarded requests.",
	)
	parser.add_argument(
	"--disable-thinking",
	action="store_true",
	help="Inject chat_template_kwargs.enable_thinking=false (Qwen3/Qwen3.5).",
	)
	parser.add_argument(
	"--model-override",
	default=None,
	help="Rewrite the `model` field on every forwarded request.",
	)
	args = parser.parse_args()

	cfg = ProxyConfig(
	upstream_url=args.upstream_url,
	upstream_api_key=args.upstream_api_key,
	trace_path=args.trace,
	host=args.host,
	port=args.port,
	top_logprobs=args.top_logprobs,
	request_timeout_s=args.request_timeout,
	max_tokens_cap=args.max_tokens_cap,
	disable_thinking=args.disable_thinking,
	model_override=args.model_override,
	)
	serve(cfg)


	if __name__ == "__main__":
	main()